CLAIMS 

What is claimed is: 



1. A method of registering a non-configured network device in a telecommunications network, the method comprising the computer-implemented steps of:
    receiving a message from a first non-configured network device that requests network services;
    authenticating the first device based on a longer-lived symmetric key received from the first device;
    generating and providing a shorter-lived symmetric key to the first device based on authenticating the longer-lived symmetric key;
    receiving a request from a second device to obtain a session key for secure communications between the second device and the first device, based on authenticating the shorter-lived symmetric key, wherein the request includes the shorter-lived symmetric key of the first device;
    generating and providing a symmetric session key to the second device for use in subsequent secure peer-to-peer communications between the first device and the second device without communication of either the first device or second device to a key management service or authoritative authentication service; and
    registering the first device in the network.

2. A method as recited in Claim 1, wherein the shorter-lived symmetric key is encapsulated in a ticket that includes data identifying a specified lifetime of the shorter-lived symmetric key.

3. A method as recited in Claim 1, further comprising the steps of receiving, at the second device, a request from the first device to obtain a session key on behalf of both the first device and second device, wherein the request includes the shorter-lived symmetric key of the first device.
4. A method as recited in Claim 1, wherein the subsequent secure communications comprise successive symmetric encryption and decryption operations using the symmetric session key, and wherein the first device and second device carry out the subsequent secure communications without contact with a key management service or registration service.



5. A method as recited in Claim 1, further comprising the steps of:
    receiving a request from a first device that wishes to communicate securely with a second device to register with a trusted registration service;
    authenticating the first device; and
    in response to authenticating the first device, providing a longer-lived symmetric key to the first device.

6. A method as recited in Claim 1, further comprising the steps of:
    authenticating the first device to a trusted registration service; and
    in response to authenticating the first device to the trusted registration service, providing the longer-lived symmetric key to the first device.

7. A method as recited in Claim 6, further comprising the steps of:
    providing trusted information to the trusted registration service that certifies the first device as a known device within a security realm; and
    providing information identifying the registration service to the first device for use in obtaining the longer-lived symmetric key.

8. A method of distributing cryptographic keys in a network, the method comprising the computer-implemented steps of:
    providing a registration service identifier that identifies an administrative entity to a first device and providing a unique identifier of the first device to the administrative entity;
    associating a device private key in a secure data repository that is accessible by the administrative entity;
    establishing a longer-lived symmetric key for the first device;
    authenticating the first device based on receiving the longer-lived symmetric key from the first device;
    generating and providing a short-term symmetric key to the first device based on authenticating the longer-lived symmetric key;
    receiving a request from a second device to obtain a session key for secure communications among the second device and the first device, based on authenticating the short-term symmetric key, wherein the request includes the short-term symmetric key of the first device; and
    generating and providing a symmetric session key to the second device for use in subsequent secure peer-to-peer communications between the first device and the second device without communication of either the first device or second device to a key management service or authoritative authentication service.

9. A method as recited in Claim 8, wherein the step of associating a device private key with a data repository comprises the steps of generating a public key pair comprising a device public key and a device private key and storing the device private key in a database or directory that is accessible to the administrative entity.

10. A method as recited in Claim 8, wherein the step of associating a device private key with a data repository comprises the steps of generating a public key pair comprising a device public key and a device private key and registering the device private key with a certification authority that is accessible to the administrative entity.

11. A method as recited in Claim 8, wherein the step of establishing a longer-lived symmetric key for the first device comprises the steps of:
    generating information that provides assurance to a registration service that the first device is a certified device; and
    authenticating the first device to the registration service.
12. A method as recited in Claim 9, wherein the step of establishing a longer-lived symmetric key for the first device comprises the steps of:
    generating information that provides assurance to a registration service that the first device is a certified device; and
    authenticating the first device to the registration service by sending a first message from the first device to the registration service that is encrypted using the device public key.

13. A method as recited in Claim 11, wherein generating information that provides assurance to a registration service that the first device is a certified device comprises the steps of creating and storing an association of a unique identifier of the first device and the device public key in a secure database that is accessible to the registration service, and providing the unique identifier from the first device to the registration service.

14. A method as recited in Claim 9, wherein establishing a longer-lived symmetric key comprises the steps of:
    generating the longer-lived symmetric key;
    encrypting the longer-lived symmetric key using the device public key;
    encapsulating the encrypted longer-lived symmetric key in a device registration ticket; and
    sending the device registration ticket to the device.

15. A method as recited in Claim 14, wherein encapsulating the encrypted key comprises encapsulating the encrypted longer-lived symmetric key with policy information in the device registration ticket, wherein the policy information defines a validity interval of the encrypted longer-lived symmetric key.
16. A method as recited in Claim 8, wherein generating and providing a short-term symmetric key to the first device includes the steps of encapsulating the short-term symmetric key in a short-term ticket granting ticket with associated policy information.

17. A method as recited in Claim 8, wherein the step of receiving a request from a second device to obtain a session key for secure communications among the second device and the first device comprises the steps of:
    receiving a first short-term ticket granting ticket that includes the short-term symmetric key of the first device;
    receiving a second short-term ticket granting ticket that includes the short-term symmetric key of the second device;
    decrypting the first and second short-term ticket granting tickets based on respective first and second shared secret keys;
    authenticating the short-term symmetric keys of the first device and second device based on the respective first and second shared secret keys; and
    generating and providing a symmetric session key to the second device for use in subsequent secure peer-to-peer communications between the first device and the second device without communication of either the first device or second device to a key management service or authoritative authentication service.

18. A method of establishing secure cryptographic peer-to-peer communication between a first device and a second device in a network, the method comprising the computer-implemented steps of:
    providing a unique identifier of the first device and receiving, in response, a registration service identifier that identifies an administrative entity to the first device;
    creating and storing a device private key in a secure data repository that is accessible by the administrative entity;
    receiving a longer-lived symmetric key for the first device;
    authenticating the first device to a key management server using the longer-lived symmetric key of the first device;
    receiving a short-term symmetric key from the key management server, based on authenticating the longer-lived symmetric key;
    generating a request to a second device to obtain a session key for secure communications among the second device and the first device, based on authenticating the short-term symmetric key, wherein the request includes the short-term symmetric key of the first device; and
    receiving a symmetric session key from the second device for use in subsequent secure peer-to-peer communications between the first device and the second device without communication of either the first device or second device to a key management service or authoritative authentication service.

19. A method as recited in Claim 18, wherein the steps of creating and storing a device private key with a data repository comprise the steps of generating a public key pair comprising a device public key and a device private key and storing the device private key in a database or directory that is accessible to the administrative entity.

20. A method as recited in Claim 18, wherein the steps of creating and storing a device private key with a data repository comprise the steps of generating a public key pair comprising a device public key and a device private key and registering the device private key with a certification authority that is accessible to the administrative entity.

21. A method as recited in Claim 18, wherein the step of receiving a longer-lived symmetric key for the first device comprises the steps of:
    providing information to a registration service that provides assurance that the first device is a certified device; and
    authenticating the first device to the registration service.
22. A method as recited in Claim 19, wherein the step of receiving a longer-lived symmetric key for the first device comprises the steps of:
    generating information that provides assurance to a registration service that the first device is a certified device; and
    authenticating the first device to the registration service by sending a first message from the first device to the registration service that is encrypted using the device public key.

23. A method as recited in Claim 21, wherein providing information to a registration service that the first device is a certified device comprises the steps of creating and storing an association of a unique identifier of the first device and the device public key in a secure database that is accessible to the registration service, and providing the unique identifier from the first device to the registration service.

24. A method as recited in Claim 19, wherein receiving a longer-lived symmetric key comprises the steps of receiving a device registration ticket that comprises the longer-lived symmetric key encrypted using the device public key.

25. A method as recited in Claim 24, wherein the encrypted longer-lived symmetric key is encapsulated in the device registration ticket with policy information that defines a validity interval of the encrypted longer-lived symmetric key.

26. A method as recited in Claim 18, wherein receiving the short-term symmetric key comprises the steps of receiving the short-term symmetric key in a short-term ticket granting ticket with associated policy information.
27. A method as recited in Claim 18, wherein the step of generating a request to a second device to obtain a session key for secure communications among the second device and the first device comprises the steps of generating a first short-term ticket granting ticket that includes the short-term symmetric key of the first device.

28. A method as recited in Claim 18, wherein the step of receiving a symmetric session key from the second device for use in subsequent secure peer-to-peer communications between the first device and the second device comprises receiving a shared service ticket that contains the symmetric session key.

29. A method as recited in Claim 28, further comprising the steps of:
    generating an initial request for peer-to-peer secure communication, wherein the initial request is directed to the second device and includes the shared service ticket;
    authenticating the second device based on the symmetric session key in the shared service ticket; and
    communicating one or more messages to the second device using the symmetric session key to encrypt or decrypt the messages.
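The key hierarchy that Claims 1, 8 and 14 through 29 describe (a longer-lived key issued at registration, a short-term key carried in a ticket granting ticket whose policy fixes its lifetime, and a session key that the key management service hands to the second device so the two peers can then talk without contacting it again) is modelled below as an added worked example. This is illustrative code written for this page, not the patent's or any assignee's implementation. Its assumptions are labelled in the comments: an HMAC-SHA256 counter-mode keystream with encrypt-then-MAC stands in for a real cipher; the device registration ticket encrypted under the device public key (Claims 12 and 14) is replaced by a direct hand-off of the longer-lived key; the device names, the KeyManagementService class and the fixed clock value are invented. It also exercises two refusals the claims imply but do not spell out: a peer cannot open another device's ticket granting ticket, and a ticket presented after its validity interval is rejected.

```python
# Added example for this page (not the patent's implementation): a toy model of
# the three-tier key hierarchy described in the claims. Stand-ins are marked.
import hashlib
import hmac
import json
import secrets


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Stand-in keystream: HMAC-SHA256 in counter mode (toy, not a real cipher)."""
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC under a symmetric key: 16-byte nonce || ciphertext || 32-byte tag."""
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> bytes:
    """Check the tag before decrypting; a wrong key or any tampering raises ValueError."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication failed")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


def make_ticket(key: bytes, subject: str, inner_key: bytes, expires: int) -> bytes:
    """Encapsulate a key with its policy (subject, end of validity interval) under `key`."""
    return seal(key, json.dumps({"sub": subject, "key": inner_key.hex(), "exp": expires}).encode())


def read_ticket(key: bytes, ticket: bytes, now: int) -> dict:
    """Open a ticket and enforce its validity interval."""
    t = json.loads(unseal(key, ticket))
    if now > t["exp"]:
        raise ValueError(f"ticket for {t['sub']} has expired")
    return t


def _rejected(call) -> bool:
    """True when the call raises ValueError, i.e. the service refused it."""
    try:
        call()
        return False
    except ValueError:
        return True


class KeyManagementService:
    """Invented name: plays both the registration service and the key management service."""

    def __init__(self):
        self.longer_lived = {}   # device id -> longer-lived symmetric key (the shared secret)

    def register(self, device_id: str) -> bytes:
        # Claims 5-7, 14, 15: issue the longer-lived key. The claims wrap it in a ticket
        # encrypted under the device public key; this example hands it over directly (assumption).
        self.longer_lived[device_id] = secrets.token_bytes(32)
        return self.longer_lived[device_id]

    def issue_tgt(self, device_id: str, proof: bytes, now: int, lifetime: int = 3600) -> bytes:
        # Claims 1, 8, 16: verify the longer-lived key, return a short-term key in a TGT with a lifetime.
        llk = self.longer_lived[device_id]
        if unseal(llk, proof) != device_id.encode():   # a real authenticator also binds a timestamp
            raise ValueError("longer-lived key authentication failed")
        return make_ticket(llk, device_id, secrets.token_bytes(32), now + lifetime)

    def issue_session(self, id_a: str, tgt_a: bytes, id_b: str, tgt_b: bytes, now: int):
        # Claim 17: open each TGT with that device's own shared secret and check both lifetimes;
        # return one session key sealed for the requester B and, for A, as a shared service ticket (claim 28).
        a = read_ticket(self.longer_lived[id_a], tgt_a, now)
        b = read_ticket(self.longer_lived[id_b], tgt_b, now)
        session, exp = secrets.token_bytes(32), min(a["exp"], b["exp"])
        return (make_ticket(bytes.fromhex(b["key"]), id_b, session, exp),
                make_ticket(bytes.fromhex(a["key"]), id_a, session, exp))


def run_protocol(now: int = 1_700_000_000) -> dict:
    """Walk the exchange end to end; the fixed clock value is an assumption."""
    kms = KeyManagementService()
    llk_a, llk_b = kms.register("dev-a"), kms.register("dev-b")          # tier 1: registration
    tgt_a = kms.issue_tgt("dev-a", seal(llk_a, b"dev-a"), now)           # tier 2: short-term TGTs
    tgt_b = kms.issue_tgt("dev-b", seal(llk_b, b"dev-b"), now)
    st_a = bytes.fromhex(read_ticket(llk_a, tgt_a, now)["key"])
    st_b = bytes.fromhex(read_ticket(llk_b, tgt_b, now)["key"])
    # Tier 3: A hands its TGT to B (claim 3); B asks the KMS for a session key on behalf of both.
    for_b, for_a = kms.issue_session("dev-a", tgt_a, "dev-b", tgt_b, now)
    sk_b = bytes.fromhex(read_ticket(st_b, for_b, now)["key"])
    sk_a = bytes.fromhex(read_ticket(st_a, for_a, now)["key"])           # service ticket forwarded by B
    return {
        "same_session_key": sk_a == sk_b,
        "peer_message": unseal(sk_b, seal(sk_a, b"hello from A")),       # claim 4: KMS not contacted
        "cross_tgt_rejected": _rejected(lambda: unseal(llk_b, tgt_a)),   # B cannot open A's TGT
        "expired_tgt_rejected": _rejected(
            lambda: kms.issue_session("dev-a", tgt_a, "dev-b", tgt_b, now + 7200)),
    }
```

Calling run_protocol() returns a dictionary in which both peers hold the same session key, the test message round-trips under it, and both refusals are True. The design point worth noticing is that the key management service never hands the session key to the first device directly: it goes out sealed under the first device's short-term key as a service ticket that the second device forwards, which is why only a holder of that short-term key can read it.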

30. A computer-readable medium carrying one or more sequences of instructions for distributing cryptographic keys in a network, which instructions, when executed by one or more processors, cause the one or more processors to carry out the steps of:
    providing a registration service identifier that identifies an administrative entity to a first device and providing a unique identifier of the first device to the administrative entity;
    associating a device private key in a secure data repository that is accessible by the administrative entity;
    establishing a longer-lived symmetric key for the first device;
    authenticating the first device based on receiving the longer-lived symmetric key from the first device;
    generating and providing a short-term symmetric key to the first device based on authenticating the longer-lived symmetric key;
    receiving a request from a second device to obtain a session key for secure communications among the second device and the first device, based on authenticating the short-term symmetric key, wherein the request includes the short-term symmetric key of the first device; and
    generating and providing a symmetric session key to the second device for use in subsequent secure peer-to-peer communications between the first device and the second device without communication of either the first device or second device to a key management service or authoritative authentication service.




31. An apparatus for distributing cryptographic keys in a network, comprising:
    means for providing a registration service identifier that identifies an administrative entity to a first device and providing a unique identifier of the first device to the administrative entity;
    means for associating a device private key in a secure data repository that is accessible by the administrative entity;
    means for establishing a longer-lived symmetric key for the first device;
    means for authenticating the first device based on receiving the longer-lived symmetric key from the first device;
    means for generating and providing a short-term symmetric key to the first device based on authenticating the longer-lived symmetric key;
    means for receiving a request from a second device to obtain a session key for secure communications among the second device and the first device based on authenticating the short-term symmetric key, wherein the request includes the short-term symmetric key of the first device; and
    means for generating and providing a symmetric session key to the second device for use in subsequent secure peer-to-peer communications between the first device and the second device without communication of either the first device or second device to a key management service or authoritative authentication service.
32. An apparatus for distributing cryptographic keys in a data network, comprising:
    a network interface that is coupled to the data network for receiving one or more packet flows therefrom;
    a processor;
    one or more stored sequences of instructions which, when executed by the processor, cause the processor to carry out the steps of:
        providing a registration service identifier that identifies an administrative entity to a first device and providing a unique identifier of the first device to the administrative entity;
        associating a device private key in a secure data repository that is accessible by the administrative entity;
        establishing a longer-lived symmetric key for the first device;
        authenticating the first device based on receiving the longer-lived symmetric key from the first device;
        generating and providing a short-term symmetric key to the first device based on authenticating the longer-lived symmetric key;
        receiving a request from a second device to obtain a session key for secure communications among the second device and the first device, based on authenticating the short-term symmetric key, wherein the request includes the short-term symmetric key of the first device; and
        generating and providing a symmetric session key to the second device for use in subsequent secure peer-to-peer communications between the first device and the second device without communication of either the first device or second device to a key management service or authoritative authentication service.